Install · npm
@ledrapay/components from our private registry
The SDK is published to npm.ledrapay.com — a token-required registry for enterprise integrations. Installs authenticate with a per-customer token you can rotate or revoke; the package itself is identical byte-for-byte to the CDN bundle.
Setup
The complete configuration, step by step
Why config is needed at all: npm install @ledrapay/components asks whatever registry npm is configured for. By default that's npmjs.org, where this package deliberately does not exist. The one-time setup below tells npm two things: where the @ledrapay scope lives, and who you are when you ask for it.
1 · Get a token
Tokens are issued per customer/environment — request access. You'll receive a JWT string; treat it like a password.
2 · Configure npm — pick one
Team / CI setup (recommended) — commit the .npmrc to the repo, inject the secret via an environment variable:
# .npmrc — in the project root, safe to commit (contains no secret)
@ledrapay:registry=https://npm.ledrapay.com/
//npm.ledrapay.com/:_authToken=${LEDRAPAY_NPM_TOKEN}
# each developer / CI job sets the secret in the environment: export LEDRAPAY_NPM_TOKEN="…your token…"
Solo setup — put the token directly in your user-level npmrc instead (never commit this form):
# ~/.npmrc (chmod 600)
@ledrapay:registry=https://npm.ledrapay.com/
//npm.ledrapay.com/:_authToken=…your token…
Only the @ledrapay scope resolves to our registry — every other package in your tree keeps installing straight from npmjs. Your dependency traffic never touches our infrastructure.
3 · Install — the full package name, not the bare scope
npm install @ledrapay/components # note: `npm i @ledrapay` alone is NOT a package name — it fails with # EINVALIDTAGNAME. The scope always needs the package: @ledrapay/components
4 · Verify the wiring before you build
# who does the registry think you are? (should print your username) npm whoami --registry https://npm.ledrapay.com # can you resolve the package? (should print the current version) npm view @ledrapay/components version
5 · Use it
// registers all ledrapay-* custom elements (side-effect import) import '@ledrapay/components'; // i18n helpers are named exports from the same module import { setLedraPayStrings, setLedraPayLocale, de, fr } from '@ledrapay/components';
Other package managers
pnpm, Yarn 1, Yarn Berry
| Manager | Config |
|---|---|
| pnpm | Reads the same .npmrc — no extra config. |
| yarn 1.x | Reads the same .npmrc — no extra config. |
| yarn 2+ (Berry) | Ignores .npmrc — add to .yarnrc.yml:npmScopes: { ledrapay: { npmRegistryServer: "https://npm.ledrapay.com", npmAuthToken: "${LEDRAPAY_NPM_TOKEN}" } } |
CI example (GitHub Actions) — the committed .npmrc does the routing; the secret arrives as an env var:
steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 - run: npm ci env: LEDRAPAY_NPM_TOKEN: ${{ secrets.LEDRAPAY_NPM_TOKEN }}
Tokens
Getting and keeping access
Tokens are issued per customer (or per environment) by the Ledra Pay team — request access. Treat them like any registry credential:
| Do | Why |
|---|---|
| inject via env var / CI secret store | Keeps tokens out of committed .npmrc files. |
| one token per environment | Revoking CI doesn't lock out developers. |
| calendar the expiry | Tokens expire after 90 days. Re-provisioning is the renewal path; an expired token fails with E401. |
Troubleshooting
Every failure mode, with its exact error
| Error | Cause & fix |
|---|---|
| E401 "authentication token seems to be invalid" | Most often the env var is simply unset in the shell or CI job npm runs in — npm sends the unexpanded value and the registry rejects it. Check echo $LEDRAPAY_NPM_TOKEN in the same context. Also fires for expired tokens (90-day expiry — re-provisioning is the renewal path). |
| E404 @ledrapay/components not found | The scope line is missing from .npmrc, so npm asked npmjs — the package intentionally does not exist there (dependency-confusion protection). Add @ledrapay:registry=https://npm.ledrapay.com/. |
| EINVALIDTAGNAME "@ledrapay" | You ran npm i @ledrapay — the bare scope isn't a package. Install @ledrapay/components. |
| whoami: ENEEDAUTH | Your token isn't reaching the registry — the //npm.ledrapay.com/:_authToken= line is missing, in the wrong file, or the URL doesn't match (host must be exactly npm.ledrapay.com). |